Dimauro, Frank wrote:
> Can anyone suggest a fix that will prevent future hijack?
Is this script meant to be invoked by anonymous? It looks like
zm_sendMail is the culprit rather than this script. Check the
permissions on it. If it truly is meant to be invoked by anonymous
visitors, then that zm_sendMail need so be responsible for validating
the mail headers.
Also, it looks like we need a paste site or use http://paste.plone.org/
--
Sincerely,
Chris Calloway
http://www.seacoos.org
office: 332 Chapman Hall phone: (919) 962-4323
mail: Campus Box #3300, UNC-CH, Chapel Hill, NC 27599